Robert Falcone, Author at Unit42

A conceptual image representing espionage, such as the attempted (but unsuccessful) credential harvesting discussed here.

5,956

people reacted

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

By Robert Falcone
April 15, 2021 at 6:00 AM

8 min. read

The BumbleBee webshell, conceptually illustrated here, was discovered as part of an investigation of the continued xHunt campaign.

26,706

people reacted

xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement

By Robert Falcone
January 11, 2021 at 12:01 AM

25 min. read

Conceptual image illustrating Egregor ransomware.

21,595

people reacted

Threat Assessment: Egregor Ransomware

By Doel Santos, Brittany Barbehenn and Robert Falcone
December 8, 2020 at 6:00 PM

5 min. read

A conceptual image illustrating the concept of espionage, including the type of stealthy activity using backdoors that threat researchers observed the xHunt campaign using.

27,041

people reacted

xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control

By Robert Falcone
November 9, 2020 at 12:00 AM

12 min. read

An illustration of the concept of ransomware, including Thanos

35,312

people reacted

Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa

By Robert Falcone
September 4, 2020 at 6:00 AM

13 min. read

Conceptual image illustrating WastedLocker ransomware

29,848

people reacted

Threat Assessment: WastedLocker Ransomware

By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone
July 30, 2020 at 6:00 AM

4 min. read

A conceptual illustration showing a world map along with icons representing malware and other tools used by malicious actors

29,211

people reacted

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

By Robert Falcone
July 22, 2020 at 6:00 AM

18 min. read

37,082

people reacted

Updated BackConfig Malware Targeting Government and Military Organizations in South Asia

By Alex Hinchliffe and Robert Falcone
May 11, 2020 at 9:30 PM

16 min. read

31,287

people reacted

APT41 Using New Speculoos Backdoor to Target Organizations Globally

By Bryan Lee, Robert Falcone and Jen Miller-Osborn
April 13, 2020 at 5:45 PM

7 min. read

28,133

people reacted

Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

By Robert Falcone, Bryan Lee and Alex Hinchliffe
March 3, 2020 at 6:00 AM

28 min. read

31,191

people reacted

Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations

By Robert Falcone
February 3, 2020 at 6:00 AM

13 min. read

20,860

people reacted

xHunt Campaign: New Watering Hole Identified for Credential Harvesting

By Brittany Barbehenn and Robert Falcone
January 27, 2020 at 6:00 PM

7 min. read

23,182

people reacted

xHunt Campaign: xHunt Actor’s Cheat Sheet

By Robert Falcone
December 4, 2019 at 8:00 PM

19 min. read

32,344

people reacted

xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection

By Robert Falcone and Brittany Barbehenn
October 10, 2019 at 5:00 AM

11 min. read

51,337

people reacted

xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

By Robert Falcone and Brittany Barbehenn
September 23, 2019 at 6:00 AM

22 min. read

Posts created by: Robert Falcone

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement

Threat Assessment: Egregor Ransomware

xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control

Thanos Ransomware: Destructive Variant Targeting State-Run Organizations in the Middle East and North Africa

Threat Assessment: WastedLocker Ransomware

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

Updated BackConfig Malware Targeting Government and Military Organizations in South Asia

APT41 Using New Speculoos Backdoor to Target Organizations Globally

Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations

xHunt Campaign: New Watering Hole Identified for Credential Harvesting

xHunt Campaign: xHunt Actor’s Cheat Sheet

xHunt Campaign: New PowerShell Backdoor Blocked Through DNS Tunnel Detection

xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account